The Morning Risk Report: The Risks of Marrying Ethics to Compliance

TODAY AT 12:30 ET: An interview with John P. Carlin, head of Morrison & Foerster’s global risk and crisis management team and a former assistant attorney general about the mass cyberattack and how companies can work with government. http://bit.ly/2qQEMKZ

Hear Dan Taylor of the NHS, RSA's Azeem Aleem, U.K. Information Commissioner Elizabeth Denham at the WSJ Pro Cybersecurity Forum in London on May 25. http://cyber.wsj.com/

Should ethics and compliance be combined as one function? It’s a question some organizations are pondering, and a report from the Ethics Institute, South Africa and the Institute of Business Ethics spells out the positives and negatives of combining the two functions. The report was funded by Canada-based engineering and construction firm SNC-Lavalin, which was hit by allegations of improper payments by top executives that led to accounting charges and the departure of a former chief executive in 2012. While companies that are regulated often see compliance as pre-eminent, many understand the importance of having the proper mindset when setting out to create an ethical culture, said Philippa Foster Back, director of the Institute of Ethics, in the report. “That mindset, which should be based on an ethical framework of corporate values to guide decisions and behaviors, will be encouraged by the creation of a separate ethics function and will lead to better compliance as a result,” said Ms. Back in the report.

While both ethics and compliance share the goal of explaining to people why they need to behave a certain way, the report stated they differ in approach, with ethics focused on embedding a set of common values and letting workers exercise their own personal judgment and compliance spelling out what can and can’t be done. While the two roles overlap, the report states each function has its own required set of skills, “making it difficult to find an individual that can successfully lead both ethics and compliance.” The distinctions between what is ethical and what is legal can sometimes be found in how an organization structures its code and what it titles the document—with organizations driven by compliance calling them codes of conduct and those driven by ethics calling them codes of ethics. Organizations need to move beyond the point where employees think everything that is “not explicitly forbidden by laws or regulations is allowed,” and they need to be encouraged to ask questions and raise concerns when they are unsure about something, stated the report.

The two functions share challenges, including improving the perceptions of ethics and compliance. The report states some employees can feel their morals are being questioned when the organization speaks about “ethics,” while others feel the word “compliance” connotes they are under constant surveillance. The two functions need to work to establish higher levels of trust with outside stakeholders and to make sure their messages are being heard in the C-suite and boardroom. Dangers exist when trying to combine ethics and compliance. If the focus is too much on compliance, the report states the prominence of the ethics message diminishes and personal accountability can erode. “A strong ethics program…reduces the likelihood of employees rationalizing misconduct,” stated the report. “Rather, they will engage in moral reasoning to justify why they should not transgress organizational ethics standards.”

SEC reverses course on ETF. The Securities and Exchange Commission will reconsider its initial approval of a risky, first-of-its-kind exchange-traded fund that promises four times the daily price moves of S&P 500 futures contracts, people familiar with the matter told the WSJ. The commission’s decision means the earlier approval—given by the SEC’s staff, not the politically appointed commissioners—has been put on hold and doesn’t allow the ForceShares Daily 4X US Market Futures Long Fund and Short Fund to begin trading, the people said.

U.N. ambassador warns on North Korea. Fox News reports United Nations Ambassador Nikki Haley said countries providing assistance to North Korea could face sanctions, alongside the pariah nation. "You either support North Korea or you support us, because that's what it comes down to," Haley said at a news conference.

U.S. President Donald Trump (R) delivers remarks while hosting ambassadors from the 15 country members of the United Nations Security Council with his Ambassador to the U.N. Nikki Haley (2nd R) in the State Dining Room at the White House April 24, 2017 in Washington, DC.

Getty Images

Mining companies lobby on Australia law. The Sydney Morning Herald reports mining companies BHP Billiton, Woodside and Orica have made submissions to the Australian government regarding a proposed strengthening of anti-bribery laws. The companies warned against going too far but also proposed Australia's approach should be in line with other major internatinal anti-bribery laws.

Companies plan more reg-tech investment. A joint survey by the Society for Worldwide Interbank Financial Telecommunication and Dow Jones Risk & Compliance found 54% of respondents plan to increase their investment in regulatory technology in the next three to five years. Dow Jones & Co. also publishes the Wall Street Journal.

DATA SECURITY

A ransomware podcast. Listen to a WSJ podcast in which WSJ Pro reporter Kate Fazzini discusses the growth of ransomware and the WannaCry attacks. http://on.wsj.com/2qKuLyI

Hacker group threatens code release. Reuters reports that although infection by the WannaCry ransomware worm has slowed, the group that leaked U.S. government hacking tools used in the attack is threatening to release more such code.

A screenshot shows a WannaCry ransomware demand, provided by cybersecurity firm Symantec on May 15.

Reuters

Bell Canada hacked. The Register reports Bell Canada said Tuesday hackers have stolen details on 1.9 million of its customer accounts, though not payment card numbers or passwords.

GOVERNANCE

Twitter co-founder to tackle culture. Twitter Inc. co-founder Biz Stone is rejoining the micro-messaging company to focus on its culture, in an attempt to revive morale amid many executive departures and slumping growth, the WSJ reports. In his new role, Mr. Stone will also aim to convey elements of Twitter’s culture externally, he said in a blog post Tuesday. Mr. Stone said he isn’t replacing anybody at Twitter and he will work with Twitter’s Chief Marketing Officer Leslie Berland.

BHP to meet with activist. BHP Billiton Ltd. Chief Executive Andrew Mackenzie will meet Wednesday with representatives from Elliott Management Corp., the activist investor pushing for the resources company to shed at least some of its oil-and-gas assets and boost shareholder returns, the WSJ reports. The talks are set to take place on the sidelines of a mining-and-metals conference in Barcelona, a day after Mr. Mackenzie told an audience there the company was confident a strategy of cutting costs and unlocking latent production capacity could boost the value of the company by up to 50%.